Meet the $1 Billion Startup Busting Cyber Security’s Greatest Myth

In 2011, cybersecurity researcher and entrepreneur Stuart McClure spent his last year working at McAfee, as the company’s global chief technology officer, apologizing a lot. McClure said hackers were slipping into McAfee customer networks and each subsequent breach seemed worse than the last.

McClure would have to meet with each of the big McAfee corporate customers to explain why the software failed and at the end of each meeting someone would ask McClure the same question: “‘What type of security software do you use on your machine to prevent cyber attacks?'” The customers would then wait, pens poised above a piece of paper to jot down the long list of layer after layer of high-end software that the global CTO of a multimillion-dollar security company would surely recommend. But McClure would have to tell them his dirty secret:

He didn’t use any security software. Not even his employer’s.

I wont discount this happened, but I do find it hard to believe that McClure encountered a large number of customers who believed McAfee products failed to protect their network. The assumption in the second paragraph is McAfee – now Intel Security – only makes software, as in the anti-virus type, which could not be farther from the truth. The company does write software, but is well known in the corporate and enterprise business markets for network-based hardware security products like firewalls, intrusion prevention, security information and event management, web gateway, and more.

So it is not as if McAfee, at the time, was only an endpoint security provider. More to the point: even if it were, by 2011 DoD had deployed host-based security system – essentially McAfee’s endpoint protection suite – on over five million nodes, and had not (and has not) been breached. This makes me feel as if McClure is indulging for the sake of making his grand idea, and Cylance, much larger than it actually is in reality.

Finally, to address the last point about McClure not using any security software: neither do I. However, that is not because I lack confidence in the product, but because I use a Mac and am much more in tune with what I do online. When I use Windows, I absolutely use security software, and it is always McAfee endpoint protection.

It would have been quite easy for McClure to make a blanket statement about not using McAfee’s security software, especially if he were a Mac user, which I suspect he was at the time.

SCOTT (すこっと)

Scott (すこっと) is a cyber security, threat intelligence strategist, and technology evangelist working and living in Tokyo. In addition to his day job, Scott is fascinated by the future of computing, the technology industry, privacy, encryption, mobile apps, politics, & Japan. Scott enjoys taking pictures with his iPhone and sharing them freely online, primarily on Instagram.